[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 6 million
|
From: |
brent s. |
|
Subject: |
Re: 6 million |
|
Date: |
Tue, 14 Apr 2020 15:35:52 -0400 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.6.0 |
On 4/14/20 15:17, Stefan Claas wrote:
> brent s. wrote:
>
>> On 4/14/20 11:00, Stefan Claas wrote:
>>>
>>> Why still focusing on a dead project like SKS and not convining the other
>>> guys from Mailvelope or Hagrid to add peering capabilities?
>>>
>>
>> You do realize one can do both, right?
>
> Yes, and I have not seen here from the majority in the past, saying hey lets
> try out (and switch) or asked the devs.
We can't switch because the "replacements" lack functionality SKS has.
Until there is a complete replacement for SKS, SKS will continue to be
operated.
I can't speak for the other operators, but I've tried hockeypuck,
mailvelope, *and* Hagrid. None satisfy as a replacement. COULD they, in
the future? Sure. But none do yet, and as such, saying something like
"What benefits do you have as an SKS operator, to still support such
old and dangerous GnuPG/SKS client-server model, in 2020?" serves as
manipulative, conniving, and naive language. I don't understand why you
care what we run on our own hardware, especially given we don't have any
complete replacements.
>
> Regarding SKS, for example, I have not even seen from it's operators to
> support modern hockeypuck[1] (development) and giving up old SKS code.
>
Probably because we're operators and not developers.
The SKS code is here, so "giving up" the code is a moot point:
https://bitbucket.org/skskeyserver/sks-keyserver/src/default/
Unless, of course, you mean "replace their deployments" - in which case,
see above.
> Excuse me if I sound like a troll. It is a valid question, because as you
> may know public keys on SKS keyservers can be knocked out or not so nice
> data can be added to them, thus not protecting users key.
That is not how any of the attacks work. At all. A keyserver can be
brought down but that doesn't magically put the integrity of the keys at
risk to tampering. (If it did, you'd have an issue with GnuPG or PGP,
not SKS.) Users' keys are protected just fine.
>
> In 2020 I would assume If I would be interested to run a community service
> I would try to give my best for its users, i.e. trying to protect their
> data (publick key blocks) as best as possible.
>
See above. You have a fundamental misunderstanding of the issues with SKS.
--
brent saner
https://square-r00t.net/
GPG info: https://square-r00t.net/gpg-info
signature.asc
Description: OpenPGP digital signature
- 6 million, Skip Carter, 2020/04/07
- Re: 6 million, Stefan Claas, 2020/04/14
- Re: 6 million, Skip Carter, 2020/04/14
- Re: 6 million, brent s., 2020/04/14
- Re: 6 million, Stefan Claas, 2020/04/14
- Re: 6 million,
brent s. <=
- Re: 6 million, Stefan Claas, 2020/04/14
- Re: 6 million, Todd Fleisher, 2020/04/14
- Re: 6 million, Stefan Claas, 2020/04/14
- Re: 6 million, Todd Fleisher, 2020/04/14
- Re: 6 million, Stefan Claas, 2020/04/14
- Re: 6 million, Arnold, 2020/04/14